期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于iX-MIDD的XACML安全策略评估 被引量:2

XACML Policy Evaluation based on iX-MIDD
下载PDF
导出
摘要 从提高策略评估效能出发,研究应用iMIDD方法对XACML策略进行评估。介绍了XACML和iMIDD与iX-MIDD的基本概念,对策略集、策略、规则及策略树进行了定义,并给出了两种方案将XACML策略转换成iMIDD与iX-MIDD图。方案一处理对象的次序完全符合XACML标准,但处理效率上可能稍差。方案二效率方面更好,但对象处理次序却不一定完全符合XACML标准。给出了用iX-MIDD评估访问请求的处理过程。用GEYSERS项目的实际访问控制策略进行了仿真实验,表明用此方法进行XACML策略评估效率高,非常实用。 In order to make effectiveness evaluation of XACML policy, the application of iMIDD approach is discussed. The fundamental concepts of XACML, iMIDD and iX-MIDD are expounded, the policy set, policy, rule and policy tree described, and the two schemes for transforming XACML policies into iMIDD and iX-MIDD also proposed. For scheme one, the ordering to evaluate target element is completely up to the evaluation standard in XACML, but may be less in evaluation efficiency, while scheme two is better in efficiency, but the ordering not sure to the standard. The procedure to evalute access request is given. And the simulation with actual access control policy for GEYSERS project indicates that iX-MIDD-based policy evaluation is effective and practicable.
作者 罗霄峰 罗万伯
机构地区 四川大学锦江学院 四川大学计算机学院
出处 《通信技术》 2016年第5期627-631,共5页 Communications Technology
关键词 访问控制 安全策略 策略评估 XACML access control security policy policy evaluation XACML
分类号 TP309 [自动化与计算机技术—计算机系统结构] TP391 [自动化与计算机技术—计算机科学与技术]
  • 相关文献

参考文献12

  • 1罗霄峰,罗万伯,胡月,李蕊,廖勇,吴彦伟.网络舆情治理研究[J].通信技术,2010,43(4):81-83. 被引量:19
  • 2郑昌安,吴学智.一种改进的基于挑战/应答机制的短波接入认证系统研究与设计[J].通信技术,2015,48(6):729-733. 被引量:2
  • 3OASIS. eXtensible Access Control Markup Language (XACML) Version 3. 0 [ EB/OL]. (2013- 1 -23) [ 2016-3-12 ]. http ://docs. oasis-open, org/xacml/3. 0/xacml-3.0-core-spec-os-en. html. 被引量:1
  • 4OASIS. Available XACML Implementations. [ EB/OL ]. (2016) [ 2016-3-12]. https://www, oasis-open, org/ committees/tc_home php9 wg_abbrev=xacml#other. 被引量:1
  • 5Fisler K, Krishnamurthi S, Meyerovich LA, et al. Verifi- cation and Change- Impact Analysis of Access- Control Policies [ C ]//Proceedings of the 27th International Con- ference on Software Engineering. New York, NY, USA: ACM ; 2005 : 196-205. 被引量:1
  • 6LIU A X, CEHN F, WANG J H, et al. Designing Fast and Scalable XACML Policy Evaluation Engines [ J ]. IEEE Transactions on Computers, 2011, 60(12) : 1802-1817. 被引量:1
  • 7Santiago Pina Ros, Mario Lischka, F6hx Gemez Mermol. Graph-based XACML Evaluation[ C ]// Proceedings of the 17th ACM Symposium on Access Control Models and Tech- nologies. ACM New York, NY, USA. 2012: 83-92. 被引量:1
  • 8Marouf S,Shehab M,Squicciarini A, et al. Adaptive Re- ordering and Clustering- based Framework for Efficient XACML Policy Evaluation [ J ]. IEEE Transactions on Services Computing, 2012, 4(4):300-313. 被引量:1
  • 9戚湧,陈俊,李千目.一种基于重排序的XACML策略评估优化方法[J].南京理工大学学报,2015,39(2):187-193. 被引量:4
  • 10RAO P, LIN D, E Bertino, et al. Fine-Grained Inte- gration of Access Control Policies [ J ]. Computers and Security, 2011, 30(2-3) :91-107. 被引量:1

二级参考文献24

共引文献22

同被引文献16

  • 1罗万伯,罗霄岚,陈炜,李征,魏雁平.多域环境的安全策略管理框架研究[J].四川大学学报(工程科学版),2006,38(2):114-117. 被引量:7
  • 2LUO Xiao-feng,LI Lin,LUO Wan-bo.A Contextual UsageControl Model[J].Technical Gazette, 2014,21(01):35-41. 被引量:1
  • 3NIST/NSA Privilege Management Conference CollaborationTeam.A Report on the Privilege (Access) ManagementWorkshop[R].NIST/NSA,2010. 被引量:1
  • 4Elisa Bertino,Sushil Jajodia,Pierangela Samatati.SupportingMultiple Access Control Policies in Database Systems[C].Proceedings 1996 IEEE Symposium on Security andPrivacy,1996:94-107. 被引量:1
  • 5MA Gang’WU Ke-he,ZHANG Tong’et al.A FlexiblePolicy-Based Access Control Model for Workflow[J].IEEE International Conference on Computer Science &Automation Engineering,2011(02):533-537. 被引量:1
  • 6Kyong-jin K,Seng-phil HJoon Y.K.A Study onPolicy-based Access Control Model in SNS[J].International Journal of Multimedia and UbiquitousEngineering,2012,7(03):143-150. 被引量:1
  • 7Manifavas C,Fysarakis K,Rantos K,et al.PoIicy-Based Access Control for Body Sensor Networks[C].D. Naccache and D. Sauveron (Eds.):WISTP2014,2014:150-159. 被引量:1
  • 8extensible Access Control Markup Language (XACML)Version 3.0[S].http://docs.oasis-open.Org/xacml/3.0/xacml-3.0-core-spec-os-en.html. 被引量:1
  • 9Rao P,Lin D,Bertino E,et al.Fine-grained Integrationof Access Control Policies[J],Computers andSecurity,2011,30(02-03):91-107. 被引量:1
  • 10Ngo C,Demchenko Y,Laat CD.Decision Diagrams forXACML Policy Evaluation and Management[J].Computers& Security,2015,49(05):1-16. 被引量:1

引证文献2

二级引证文献1

通信技术
2016年 第5期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部